first, change your input-search’s name to ‘search’:
<input type="text" name="search">
You are sending your form, to the same .php file, using the ‘POST’ method.
This means you can access what ever information being sent to the page, by accessing the $_POST variable.
Add this to the top of your search.php file, inside the <?php ?> tags:
if (isset($_POST['search']) {
echo $_POST['search'];
}
this will give you the idea of how to handle data being post from a <form>.
Have a look at this PHP doc, regarding dealing with forms.
mysqli allows you to use prepared-statements, which is a safe way to pass user-input to database-queries.
An example on how to query DB with prepared statments:
if (isset($_POST['search']) {
$stmt = $mysqli->prepare("SELECT * FROM produckte WHERE beschreibung = ? LIMIT 100;")
$stmt->bind_param("s", $_POST['search']);
$stmt->execute();
$result = $stmt->get_result();
while ($row = $result->fetch_array(MYSQLI_NUM))
{
.....handle your data here....
}
$stmt->close();
}